New Cactus ransomware encrypts itself to avoid detection by security software

New ransomware called “Cactus” has emerged in the cyber threat landscape that encrypts itself to avoid detection by security software. The ransomware targets known vulnerabilities in Fortinet Inc. VPN appliances, allowing hackers to access corporate networks. Cactus uses a batch script to obtain the encryptor binary using 7-Zip, which avoids detection by antivirus and other security tools. Once the malware is installed, it begins to encrypt the files on the infected device and replaces them with a ransom note. The note asks victims to contact the attackers by email or a backup chat service to recover their files. Cybersecurity experts warn that organizations should immediately patch any known vulnerabilities and back up their critical data to prevent such attacks. They also advise companies to regularly update their security software to detect the latest threats. As cyberattacks continue to increase, businesses must remain vigilant and take necessary measures to secure their systems and data.

About Author